xAPI

Audited by ClawScan on May 10, 2026.

Overview

The skill is a legitimate external-data CLI wrapper, but it also exposes a very broad third-party API gateway, including state-changing POST calls, without documented confirmation safeguards.

Use this skill only if you trust xapi.to and the xapi-to npm package. Treat it as a broad external API gateway, not just a read-only lookup tool. Ask the agent to confirm before any POST, DELETE, public posting, account-changing, or paid/quota-consuming action, and avoid sending sensitive data unless that external processing is acceptable.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill could make broader or more impactful API calls than a user expects from a lookup/search tool, including public or account-changing actions.

Why it was flagged

The skill exposes a broad API proxy and documents a state-changing POST call that could publish or mutate third-party account data, without documented approval requirements for such actions.

Skill content

call any third-party API through xapi ... npx xapi-to call x-official.2_tweets --method POST --input '{"body":{"text":"Hello!"}}'

Recommendation

Require explicit user confirmation for POST, DELETE, account-modifying, public-posting, or payment-like API calls, and prefer read-only capabilities unless the user clearly asks for a mutation.

What this means

Anyone or any process with access to the saved key may be able to use the user's xapi quota and enabled services.

Why it was flagged

The skill requires and stores a service credential. This is expected for xapi access, but any holder of the key acts through the user's xapi account.

Skill content

Before calling any action, you need an API key ... The API key is stored at `~/.xapi/config.json`. You can also set it via `XAPI_API_KEY` env var.

Recommendation

Store the key securely, avoid sharing logs containing it, and revoke or rotate it if the environment is untrusted.

What this means

The behavior depends on the current xapi-to package fetched by npx, which was not included for static review.

Why it was flagged

The skill depends on a remotely resolved npm package rather than reviewed, bundled code. This is central to the skill, but users must trust the package source and its updates.

Skill content

xapi is available via npx (no install needed): `npx xapi-to <command>`

Recommendation

Use a trusted package source, consider pinning a known-good version, and review the package before use in sensitive environments.

What this means

Sensitive text, search queries, or API inputs could be processed outside the local agent environment.

Why it was flagged

The skill is designed to send user-provided inputs to xapi and potentially downstream third-party providers. This is purpose-aligned but creates an external data boundary.

Skill content

APIs (`--source api`) — Third-party API proxies ... AI Text Processing ... summarize, rewrite, chat, embeddings

Recommendation

Do not submit secrets, private documents, or regulated data unless the user accepts xapi and downstream provider handling.